The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

#OpRobinHood : Thousands of United Nation logins leaked by TeaMp0isoN Online 'hactivist' collective Anonymous and hackers Team Poison have joined forces for a new group effort known as 'Operation Robin Hood', that plans to target banks in an effort to give money back to the people. TeaMp0isoN today hack United nation website (www.undp.org) and leak 1000's of Login usernames, Passwords and Emails . Leaked accounts details are posted on pastebin , With a note include " The UN is a fraud! The bureaucratic head of NATO used to legitimise the Barbarism of Capitalist elite! " " How far you have come from the first address by Thomas Jefferson where 'peace, commerce and honestfriendship' were the Modis Operandi to one today where talk of 'eliminating 350,000 people a day'as outlined by Jacques Cousteau is a academic consideration. " They added. Operation Robin Hood Video Message : The music is overly dramatic, the text slamming on...

More than 100 Pakistani Government Sites Under Malware attack Website Malware : A newer form of malware is what can be found attacking websites today. In the old days malware was mostly in the form of computer viruses. In today's age of globalization, malware starts to target websites and mobile devices.  Almost 100's of Pakistan Government sites are under attack by Godzilla Malware, Which is Created and implemented by an Indian Hacker. Hacker named " Godzilla " publish a list of all Freezed sites list here  ,including Peshawar Electric Supply Company website (www.pesco.gov.pk), Ministry of Information and Broadcasting - Government of Pakistan website (www.infopak.gov.pk), Pakistan Navy website (www.paknavy.gov.pk) and Many more. Hacker said," The malware is freezing the sever and if the server is changed then banner of malware hits the live ip.. " Today malware is much more sinister. It is backed up by an industry which some estimate at $...

WikiLeaks wins Aussie Journalism Awards Australia The whistle-blowing website, WikiLeaks, has been honoured at Australia's premier journalism awards for releasing of " an avalanche of inconvenient truths in a global publishing coup " which has had " an undeniable impact ". The Walkley Awards are the Australian equivalent of the Pulitzers: that nation’s most prestigious award for excellence in journalism. Last night, the Walkley Foundation awarded its highest distinction — for “ Most Outstanding Contribution to Journalism ” to WikiLeaks, whose leader, Julian Assange, is an Australian citizen. “ WikiLeaks applied new technology to penetrate the inner workings of government to reveal an avalanche of inconvenient truths in a global publishing coup ,” the Walkley trustees said in bestowing the award Sunday evening. “ Its revelations, from the way the war on terror was being waged, to diplomatic bastardry, high-level horse-trading and the interference in the dome...

Discovered the biggest Facebook phishing in French Two Days before we publish that Geeks at Security Web-Center Found 25 Facebook phishing sites. Security Web-Center found another biggest Facebook phishing site in French which steal more then 5000 usernames and passwords, using the fake domain www.frfacebook.fr to scam the victims. All phished passwords are stored here Security Web-Center suggests that potential victims: Change all exposed passwords; Contact the company or organization that was being spoofed (Facebook, in this case); Alert it that your personal information was exposed; Ask it to cancel any accounts affected (Note: We don’t recommend this for Facebook, obviously, but view it more as a general tip); and If the information provided can be used to access other institutions, such as credit-card companies, contact them, as well. [ Read More ]

Manila AT&T hackers linked to 26/11 Mumbai terror attack Police in the Philippines working with the US Federal Bureau of Investigation have arrested four people over a premium-line phone scam that targeted customers of the American telecommunications giant AT&T to funnel money to a Saudi-based militant group. These four suspected hackers accused of funnelling profits from attacking corporate telephone networks to an Islamic terrorist group blamed for the attacks on Mumbai three years ago. The four suspects allegedly targeted PBX systems maintained by AT&T and gained access to corporate phone lines that they resold at a profit to call centres. The low-level scam resulted in estimated losses of $2m and ran between at least October 2005 and December 2008, and possibly earlier.The operation was allegedly financed by Jemaah Islamiyah, a proscribed Pakistani terrorist organisation blamed for the terrorist attack in Mumbai, India, in November 2008. FBI declined to give of...

New Apache Reverse Proxy Flaw Allows Access to Internal Network Apache acknowledged another reverse proxy issue (CVE-2011-4317) which was discovered by Apache developer from Red Hat while creating a QualysGuard vulnerability signature for an older problem CVE-2011-3368. Depending on the reverse proxy configuration, the vulnerability could allow access to internal systems from the Internet. In order to set up Apache HTTPD to run as a reverse proxy, server administrators use specialized modules like mod_proxy and mod_rewrite. Apache developers are working on a fix of a flaw in its web server software that creates a possible mechanism to access internal systems.The zero-day vulnerability only rears its ugly head if reverse proxy rules are configured incorrectly and is far from easy to exploit, but it is nonetheless nasty. The problem isn't new and a vulnerability that allowed similar attacks was addressed back in October. However, while reviewing the patch for it, Qualys research...

New UK Cyber Security Strategy Released The UK's intelligence agency GCHQ will become a main port of call for businesses dealing with cyberattacks, under the government's new cybersecurity strategy revealed on Friday. The Cheltenham-based GCHQ agency will receive huge amount of fund for its larger contribution to UK's cyber-defence, as announced by Cabinet Office minister Francis Maude in the The UK Cyber Security Strategy [ PDF ]. The government's eavesdropping centre GCHQ will be offered to private industry to help companies improve their security measures against cyber threats.However, the biggest focus will come in trying to educate and help the public to protect themselves from scams, viruses, criminal attacks and more threats. " To support the implementation of our objectives we have committed new funding of £650m over four years for a transformative National Cyber Security Programme (NCSP) to strengthen the UK’s cyber capabilities ," wrote the Mini...

Exposing 25 Facebook phishing websites Geeks at Security Web-Center Found 25 Facebook and list them. Sometimes spammers create fake pages that look like the Facebook login page. When you enter your email and password on one of these pages, the spammer records your information and keeps it. This is called phishing . The fake sites, like the one below, use a similar URL to Facebook.com in an attempt to steal people's login information. The people behind these websites, then use the information to access victims' accounts and send messages to their friends, further propagating the illegitimate sites. In some instances, the phishers make money by exploiting the personal information they've obtained. List of Fake Sites Collected by  Security Web-Center : http://www.sanagustinturismo.co/Facebook/ http://www.facebook.pcriot.com/login.php http://deadlyplayerx.binhoster.com/Facebook/securelogin.php http://facelook.shop.co/login.php http://sigininto.horizon-host.com/facbook/fa...

National program for Cyber army to be launched in India Increasing attacks on cyberspace in India has brought several professionals and experts from the Industry, in support with the Government of India to jointly form a national level program to identify credible and valuable information security experts. The program " National Security Database " is all set to launch this Saturday in Mumbai at a major Information security conference, MalCon. The database will include ethical hackers and programmers who can protect country’s cyberspace. They will all be registered with the National Security Database, a brainchild of Information Sharing and Analysis Centre (ISAC) , a non profit foundation which works closely with the Government on the issue of cyber security. The need of such database originated after 2008 attacks in Mumbai when the cyber security professionals realised that a lot needed to be done in the area. "It is observed that some or other form of electronic n...

Intercepter-NG New Sniffing Tool [Intercepter-NG] offers the following features: + Sniffing passwords\hashes of the types: ICQ\IRC\AIM\FTP\IMAP\POP3\SMTP\LDAP\BNC\SOCKS\HTTP\WWW\NNTP\CVS\TELNET\MRA\DC++\VNC\MYSQL\ORACLE + Sniffing chat messages of ICQ\AIM\JABBER\YAHOO\MSN\IRC\MRA + Promiscuous-mode\ARP\DHCP\Gateway\Smart Scanning + Raw mode (with pcap filter) + eXtreme mode + Capturing packets and post-capture (offline) analyzing + Remote traffic capturing via RPCAP daemon + NAT + ARP MiTM + DNS over ICMP MiTM + DHCP MiTM + SSL MiTM + SSL Strip Works on Windows NT(2K\XP\2k3\Vista\7). Download Intercepter-NG 0.9

Sudan Airways mailbox database leaked Sudan Airways mailbox database Hacked By Sudan Cyber Army - SD. Alsa7r and Leaked on Pastebin . The Targeted domains are  sudanair.com  & omyalphaserver.com . This Include more than 100's of Usernames, Emails, Passwords. Sudan Cyber Army in past hack lots of Sudan Government Sites.

SecurityTube Metasploit Framework Expert Certification Launched ! Not so long ago, we had posted the launch of the SecurityTube Wi-Fi Security Expert (SWSE) program. The certification has been a success and it has students from over 25+ countries from around the world. The SecurityTube Metasploit Framework Expert (SMFE) is an online certification on the Metasploit Framework. This course is ideal for penetration testers, security enthusiasts and network administrators. The course leading to the certification exam is entirely practical and hands-on in nature. The final certification exam is fully practical as well and tests the student's ability to think out of the box and is based on the application of knowledge in practical real life scenarios. A brief list of topics to be covered in this course includes: Metasploit Basics and Framework Organization Server and Client Side Exploitation Meterpreter - Extensions and Scripting Database Integration and Automated Exploitation Pos...